Test Questions Abernathy CISSP 3e Verified Test Bank - Exam Pack | CISSP Cert Guide 3e Abernathy by Robin Abernathy.

Test Questions Abernathy CISSP 3e Verified Test Bank





Question ID: CISSP-2018-RA-07-2-215

Question: What type of evidence is a copy of a disk?

A: Secondary evidence
B: Best evidence
C: Conclusive evidence
D: Hearsay evidence



Question ID: CISSP-2018-RA-07-2-216

Question: When designing an auditing strategy, which of the following guidelines should you NOT implement?

A: Deletion of the audit logs should be a two-man control.
B: Logs should not contain details of any activities carried out by administrative-level accounts.
C: Audit logs should be deleted only by administrators.
D: The audit logs should be securely stored.
E: Statements a and b
F: Statements b and c
G: Statements b and d



Question ID: CISSP-2018-RA-07-2-217

Question: Which of the following should NOT be included as part of the auditing strategy?

A: Ensure that the audit logs are backed up.
B: Monitor and manage the size of the audit logs.
C: Establish an audit review policy.
D: Ensure that the audit log is periodically scrubbed.



Question ID: CISSP-2018-RA-07-2-218

Question: What is the principal disadvantage to configuring a comprehensive audit program for an organization?

A: It takes longer for users to log in.
B: It takes longer for users to authenticate.
C: It takes longer for users to access resources.
D: It adversely affects the performance of the audited systems.
E: It allows you to recognize patterns of abnormal behavior.



Question ID: CISSP-2018-RA-07-2-219

Question: Which of the following audit events should be recorded only if the users are properly notified of the audit?

A: Successful logins
B: Unsuccessful logins
C: File modification
D: Keystroke monitoring



Question ID: CISSP-2018-RA-07-2-220

Question: Your organization implements a policy that states that all audit logs must be backed up to a DVD archive before they are deleted. In addition, you must provide a mechanism whereby you can discover if the archived files have been edited. Which tool should you use?

A: Audit-reduction tool
B: Scrubbing tool
C: Hashing tool
D: ACL



Question ID: CISSP-2018-RA-07-2-221

Question: Which of the following is NOT a task of the Configuration Control Board?

A: Meet periodically to discuss configuration status accounting reports.
B: Suggest configuration changes.
C: Maintain responsibility for ensuring that changes made do not jeopardize the soundness of the verification system.
D: Ensure that changes made are approved, tested, documented, and implemented correctly.



Question ID: CISSP-2018-RA-07-2-222

Question: During a recent organizational restructure, several tasks within a single job role were divided. In the past, the same person could both complete an accounts payable transaction and authorize payment for that transaction. Now the person who completes an accounts payable transaction can no longer also authorize payment. This is an example of which concept?

A: Job rotation
B: Separation of duties
C: Split knowledge
D: Dual control



Question ID: CISSP-2018-RA-07-2-223

Question: Which security concept prescribes that users be granted only those permissions they need to do their work?

A: Least privilege
B: Implicit deny
C: Separation of duties
D: Need-to-know



Question ID: CISSP-2018-RA-07-2-224

Question: When an organization prevents conflicts of interest when assigning personnel to complete certain security tasks, it has applied which security principle?

A: Due diligence
B: Due care
C: Job rotation
D: Separation of duties



Question ID: CISSP-2018-RA-07-2-225

Question: At which stage of incident response is the root cause of the incident discovered?

A: Analysis
B: Investigation
C: Tracking
D: Post-mortem
E: Triage
F: Recovery
G: Containment



Question ID: CISSP-2018-RA-07-2-226

Question: At which stage of incident response is damage mitigated?

A: Analysis
B: Investigation
C: Tracking
D: Post-mortem
E: Triage
F: Recovery
G: Containment



Question ID: CISSP-2018-RA-07-2-227

Question: Which of the following is installed to entice potential attackers and gather information?

A: Penetration testing
B: DoS
C: Honeypot
D: File integrity checker



Question ID: CISSP-2018-RA-07-2-228

Question: Which of the following is NOT a rule of change management?

A: Document your change process.
B: Always test your changes.
C: Document your fallback plan.
D: Ignore system types.



Question ID: CISSP-2018-RA-07-2-229

Question: In which of the following RAID types is parity information written to a single dedicated drive?

A: RAID 0
B: RAID 1
C: RAID 2
D: RAID 3
E: RAID 5
F: C, D and E only
G: C and D only
H: A, D and E only



Question ID: CISSP-2018-RA-07-2-230

Question: Which of the following items requires alternative telecommunications and computer equipment to be set up and configured to provide functionality?

A: Clustering
B: Fault tolerance
C: Cold site
D: Server redundancy
E: Hot site
F: Warm site
G: A, C and F only
H: None of the above



Question ID: CISSP-2018-RA-07-2-231

Question: Which of the following is the average time required to repair a single resource or function?

A: MTD
B: MPTD
C: MTTR
D: MTBF
E: RTO
F: WRT
G: RPO



Question ID: CISSP-2018-RA-07-2-232

Question: Which of the following items provides an alternative site without the cost of maintaining an additional site?

A: Clustering
B: Fault tolerance
C: Cold site
D: Server redundancy
E: Reciprocal agreement
F: Warm site
G: Tertiary site



Question ID: CISSP-2018-RA-07-2-233

Question: Which of the following is the point in time to which the disrupted resource or function must be returned?

A: MTD
B: MPTD
C: MTTR
D: MTBF
E: RTO
F: WRT
G: RPO



Question ID: CISSP-2018-RA-07-2-234

Question: Which of the following statements regarding business continuity planning are TRUE?

A: The BCP committee must work with business units to ultimately determine the business continuity and disaster recovery priorities.
B: Senior business unit managers are responsible for identifying and prioritizing time-critical systems.
C: Once all aspects of the plans have been determined, the IT department should be tasked with regularly reviewing the plans to ensure they remain current and viable.
D: Senior management should closely monitor and control all business continuity efforts and should publicly praise any successes.
E: Statements a and b only
F: Statements a, b, and c only
G: Statements a, b, and d only
H: All the statements



Question ID: CISSP-2018-RA-07-2-235

Question: Which type of BCP testing occurs when managers of each department or functional area review the BCP and make note of any modifications to the plan for the BCP committee?

A: Simulation test
B: Structured walk-through test
C: Checklist test
D: Table-top exercise



Question ID: CISSP-2018-RA-07-3-171

Question: Which step in the investigative process includes hidden data extraction?

A: Preservation
B: Collection
C: Examination
D: Identification



Question ID: CISSP-2018-RA-07-3-172

Question: What type of evidence is an original copy of the contractual agreement?

A: Secondary evidence
B: Best evidence
C: Conclusive evidence
D: Hearsay evidence



Question ID: CISSP-2018-RA-07-3-173

Question: Which step in the investigative process includes signature resolution?

A: Preservation
B: Collection
C: Examination
D: Identification



Question ID: CISSP-2018-RA-07-3-174

Question: What type of evidence does not require any corroboration?

A: Secondary evidence
B: Best evidence
C: Conclusive evidence
D: Hearsay evidence



Question ID: CISSP-2018-RA-07-3-175

Question: Which step in the investigative process includes data reduction?

A: Preservation
B: Collection
C: Examination
D: Identification



Question ID: CISSP-2018-RA-07-3-176

Question: What type of evidence requires the assistance of other types of evidence?

A: Secondary evidence
B: Best evidence
C: Conclusive evidence
D: Hearsay evidence



Question ID: CISSP-2018-RA-07-3-177

Question: Which step in the investigative process includes chain of custody standards?

A: Preservation
B: Collection
C: Examination
D: Identification



Question ID: CISSP-2018-RA-07-3-178

Question: What type of evidence does not require backup information?

A: Secondary evidence
B: Best evidence
C: Conclusive evidence
D: Direct evidence



Question ID: CISSP-2018-RA-07-3-179

Question: Which of the following types of evidence should be collected last in an investigation of a computer crime?

A: Memory contents
B: Raw disk blocks
C: Swap files
D: File system information
E: Network processes
F: System processes



Question ID: CISSP-2018-RA-07-3-180

Question: What type of evidence requires inference from the available facts?

A: Secondary evidence
B: Best evidence
C: Circumstantial evidence
D: Hearsay evidence



Question ID: CISSP-2018-RA-07-3-181

Question: Which of the following types of evidence should be collected second in an investigation of a computer crime?

A: Memory contents
B: Raw disk blocks
C: Swap files
D: File system information
E: Network processes
F: System processes



Question ID: CISSP-2018-RA-07-3-182

Question: What type of evidence is not adequate to implicate a suspect but can complement the primary evidence?

A: Secondary evidence
B: Corroborative evidence
C: Circumstantial evidence
D: Hearsay evidence



Question ID: CISSP-2018-RA-07-3-183

Question: What role does auditing play in access control?

A: Authorization
B: Authenticity
C: Authentication
D: Accountability



Question ID: CISSP-2018-RA-07-3-184

Question: Which audit log collection policy should you NOT implement?

A: Allow the rollover of logs.
B: Review the audit logs on a regular basis.
C: Control the amount of data in the audit logs.
D: Secure the audit logs.



Question ID: CISSP-2018-RA-07-3-185

Question: Which type of events are most likely to display the IP addresses of the communicating devices?

A: Application events
B: System events
C: Network events
D: User events



Question ID: CISSP-2018-RA-07-3-186

Question: Which of the following ciphers is a type of steganography?

A: Concealment cipher
B: Substitution cipher
C: Transposition cipher
D: Symmetric cipher



Question ID: CISSP-2018-RA-07-3-187

Question: What is the purpose of steganography?

A: To determine the strength of an algorithm
B: To hide a message inside another object
C: To determine the algorithm used
D: To create a message digest



Question ID: CISSP-2018-RA-07-3-188

Question: What is a stegomedium?

A: Information that is being hidden
B: Strength of an algorithm
C: Object in which the information is hidden
D: Method of hiding a message inside another object



Question ID: CISSP-2018-RA-07-3-189

Question: What is payload?

A: Method of hiding a message inside another object
B: Strength of an algorithm
C: Object in which the information is hidden
D: Information that is being hidden



Question ID: CISSP-2018-RA-07-3-190

Question: What is least significant bit steganography?

A: When some or all the bits or bytes inside an image are replaced with bits of the secret message
B: When secret information is embedded in the frequency domain of the signal
C: When secret information is embedded by changing several statistical properties of a cover
D: When knowledge of original cover in the decoding process is essential at the receiver side



Question ID: CISSP-2018-RA-07-3-191

Question: What is the transform domain technique of steganography?

A: When some or all the bits or bytes inside an image are replaced with bits of the secret message
B: When secret information is embedded in the frequency domain of the signal
C: When secret information is embedded by changing several statistical properties of a cover
D: When knowledge of original cover in the decoding process is essential at the receiver side



Question ID: CISSP-2018-RA-07-3-192

Question: What is the distortion technique of steganography?

A: When some or all the bits or bytes inside an image are replaced with bits of the secret message
B: When secret information is embedded in the frequency domain of the signal
C: When secret information is embedded by changing several statistical properties of a cover
D: When knowledge of original cover in the decoding process is essential at the receiver side



Question ID: CISSP-2018-RA-07-3-193

Question: Your organization often uses least significant bit steganography to embed secret messages within image files. What is a drawback to this method?

A: The performance of the receiver’s device is degraded.
B: The performance of the sender’s device is degraded.
C: The quality of the image is degraded.
D: The size of the image will be significantly larger.



Question ID: CISSP-2018-RA-07-3-194

Question: Which of the following is considered linguistic steganography?

A: Visual semagrams
B: Jargon code
C: Covered ciphers
D: Text semagrams
E: All the above



Question ID: CISSP-2018-RA-07-3-195

Question: Which of the following represents the smallest portion of an operation to be subject to an independent configuration control procedure?

A: Software library
B: Software patches
C: Configuration Identification
D: Configuration items



Question ID: CISSP-2018-RA-07-3-196

Question: When an organization assigns more than one person the tasks of a single position within the organization, it has applied which security principle?

A: Due diligence
B: Due care
C: Job rotation
D: Separation of duties



Question ID: CISSP-2018-RA-07-3-197

Question: When an organization evaluates information to identify vulnerabilities, threats, and issues related to risk, it has applied which security principle?

A: Due diligence
B: Due care
C: Job rotation
D: Separation of duties



Question ID: CISSP-2018-RA-07-3-198

Question: Which practice allows for fraudulent activities to be discovered and job rotation to take place?

A: Due diligence
B: Clipping levels
C: Mandatory vacations
D: Separation of duties



Question ID: CISSP-2018-RA-07-3-199

Question: Which security concept requires the involvement of more than one individual to accomplish a critical task?

A: Least privilege
B: Implicit deny
C: Separation of duties
D: Need-to-know



Question ID: CISSP-2018-RA-07-3-200

Question: Which security concept prescribes that users should be provided only the information required to perform a task?

A: Least privilege
B: Implicit deny
C: Separation of duties
D: Need-to-know



Question ID: CISSP-2018-RA-07-3-201

Question: Which security concept requires that the default level of access to all data should be no access?

A: Least privilege
B: Implicit deny
C: Separation of duties
D: Need-to-know



Question ID: CISSP-2018-RA-07-3-202

Question: Which stage of incident response involves the collection of relevant data?

A: Analysis
B: Investigation
C: Tracking
D: Post-mortem
E: Triage
F: Recovery
G: Containment



Question ID: CISSP-2018-RA-07-3-203

Question: At which stage of incident response are necessary adjustments or enhancements made to policies and procedures?

A: Analysis
B: Investigation
C: Tracking
D: Post-mortem
E: Triage
F: Recovery
G: Containment



Question ID: CISSP-2018-RA-07-3-204

Question: Which of the following are systems that are configured with reduced security to entice attackers?

A: NIDS
B: HIDS
C: IPS
D: Honeypot
E: Padded cell



Question ID: CISSP-2018-RA-07-3-205

Question: Which of the following is the most important action to take before introducing a software patch?

A: Test the patch.
B: Verify the version number.
C: Remove the old patch.
D: Check with other administrators.



Question ID: CISSP-2018-RA-07-3-206

Question: After a change has been tested and presented, what is the next step in the change control process?

A: The change is approved.
B: The change is implemented.
C: The change is reported to management or the change control board (CCB).
D: The change is requested.



Question ID: CISSP-2018-RA-07-3-207

Question: After a change has been documented in the change log, what is the next step in the change control process?

A: The change is approved.
B: The change is implemented.
C: The change is reported to management or the change control board (CCB).
D: The change is tested and presented.



Question ID: CISSP-2018-RA-07-3-208

Question: After a change has been tested and presented, what is the next step in the change control process?

A: The change is approved.
B: The change is implemented.
C: The change is reported to management or the change control board (CCB).
D: The change is tested and presented.



Question ID: CISSP-2018-RA-07-3-209

Question: Which of the following items provides an alternative in case existing options are unavailable?

A: Clustering
B: Fault tolerance
C: Cold site
D: Server redundancy
E: Hot site
F: Warm site
G: Tertiary site



Question ID: CISSP-2018-RA-07-3-210

Question: Which of the following is the maximum amount of time that an organization can tolerate a single resource or function being down?

A: MTD
B: MPTD
C: MTTR
D: MTBF
E: RTO
F: WRT
G: RPO



Question ID: CISSP-2018-RA-07-3-211

Question: Which of the following items ensures that each server has another server that can operate in its place?

A: Fault tolerance
B: Cold site
C: Server redundancy
D: Hot site
E: Warm site
F: A, C and F only
G: None of the above



Question ID: CISSP-2018-RA-07-3-212

Question: Which of the following is the difference between RTO and MTD?

A: RPO
B: MPTD
C: MTTR
D: MTBF
E: WRT



Question ID: CISSP-2018-RA-07-3-213

Question: Which of the following options is a subset of another option?

A: Clustering
B: Fault tolerance
C: Cold site
D: Server redundancy
E: Hot site
F: Warm site
G: A, C and F only
H: None of the above



Question ID: CISSP-2018-RA-07-3-214

Question: Which of the following is the estimated amount of time a device will operate before a failure occurs?

A: RPO
B: MPTD
C: MTTR
D: MTBF
E: WRT
F: RTO



Question ID: CISSP-2018-RA-07-3-215

Question: Which of the following measures require that computers be set up for full functionality?

A: Clustering
B: Fault tolerance
C: Cold site
D: Server redundancy
E: Hot site
F: Warm site
G: E and F only
H: None of the above



Question ID: CISSP-2018-RA-07-3-216

Question: Which of the following is the shortest time period after a disaster or disruptive event within which a resource or function must be restored to avoid unacceptable consequences?

A: RPO
B: MPTD
C: MTTR
D: MTBF
E: WRT
F: RTO



Question ID: CISSP-2018-RA-07-3-217

Question: Which of the following contains all the resources needed for full operation?

A: Clustering
B: Fault tolerance
C: Cold site
D: Server redundancy
E: Hot site
F: Warm site
G: A, C and F only
H: None of the above



Question ID: CISSP-2018-RA-07-3-218

Question: For which of the following metrics does a large value indicate increased system reliability?

A: RPO
B: MPTD
C: MTTR
D: MTBF
E: WRT
F: RTO



Question ID: CISSP-2018-RA-07-3-219

Question: Which of the following concepts ensures that you have the required number of components plus one extra to plug into any system in case of failure?

A: Clustering
B: Fault tolerance
C: Cold site
D: Server redundancy
E: Hot site
F: Warm site
G: A, C and F only
H: None of the above



Question ID: CISSP-2018-RA-07-3-220

Question: Your organization wants to implement an alternative site that will allow the organization to have the most control of the resources. The organization is not concerned with cost. Its primary concern is that the site is recoverable in the least amount of time. Which of the following alternative site strategies should the organization implement?

A: Hot site
B: Warm site
C: Tertiary site
D: Cold site
E: Redundant site



Question ID: CISSP-2018-RA-07-3-221

Question: Your organization wants to implement an alternative site. The organization’s primary concern is ensuring that expense is kept to a minimum. Which of the following alternative site strategies should the organization implement?

A: Hot site
B: Warm site
C: Tertiary site
D: Cold site
E: Redundant site



Question ID: CISSP-2018-RA-07-3-222

Question: Your organization has performed a business impact analysis (BIA). During the BIA, it has been determined that there are certain risks that can affect both the primary site and the hot site. It has been decided to implement another site that is geographically dispersed from the other two sites. Which of the following alternative site strategies should the organization implement?

A: Hot site
B: Warm site
C: Tertiary site
D: Cold site
E: Redundant site



Question ID: CISSP-2018-RA-07-3-223

Question: Which of the following statements regarding the teams involved in disaster recovery are FALSE?

A: The damage assessment team is responsible for determining the disaster’s cause and the amount of damage that has occurred to organizational assets.
B: The recovery team’s primary task is recovering the critical business functions at the alternate facility.
C: The restoration team actually ensures that the assets and data are restored to operations.
D: The salvage team recovers all assets at the disaster location and ensures that the secondary site returns to normal.
E: Statements a and d only
F: Statements b and d only
G: Statements a and c only
H: All the statements
I: None of the statements



Question ID: CISSP-2018-RA-07-3-224

Question: What should be the primary concern when a disaster occurs?

A: Protecting facilities
B: Protecting personnel
C: Contacting authorities
D: Mitigating damage



Question ID: CISSP-2018-RA-07-3-225

Question: Which type of BCP testing is most accurate?

A: Simulation test
B: Structured walk-through test
C: Checklist test
D: Table-top exercise



Question ID: CISSP-2018-RA-07-3-226

Question: Which type of BCP testing occurs when the operations and support personnel execute the DRP in a role-playing scenario to identify omitted steps and threats?

A: Simulation test
B: Structured walk-through test
C: Checklist test
D: Table-top exercise



Question ID: CISSP-2018-RA-07-3-227

Question: Your organization has developed a comprehensive disaster recovery plan. As part of this plan, regular testing of the plan will occur. Which of the following are valid reasons for testing the plan?

A: To verify the capabilities of the alternate site
B: To train personnel to perform their emergency tasks
C: To identify plan deficiencies
D: To verify plan accuracy
E: To verify performance metrics
F: Statements a, b, c, and d
G: Statements a, b, c, and e
H: Statements a, b, and c



Question ID: CISSP-2018-RA-07-3-228

Question: What is the last step of any business continuity plan?

A: Maintain the plan.
B: Test, train, and exercise the plan.
C: Create recovery strategies.
D: Conduct BIA.



Question ID: CISSP-2018-RA-07-3-229

Question: Which of the following sends a beam of light across the area and triggers the alarm if the beam is interrupted?

A: Photometric system
B: PIR
C: Bollards
D: Auxiliary station alarm



Question ID: CISSP-2018-RA-07-3-230

Question: Which class of gate is suitable for residential applications?

A: Class 1
B: Class 2
C: Class 3
D: Class 4



Question ID: CISSP-2018-RA-07-3-232

Question: Which of the following controls bases access on the sensitivity of the data?

A: Context-dependent
B: Pre-validation
C: Content-dependent
D: Post-validation



Question ID: CISSP-2018-RA-07-3-233

Question: Which attack type reroutes data traffic?

A: Ping of death
B: Land attack
C: DoS attack
D: Network address hijacking



Question ID: CISSP-2018-RA-07-3-234

Question: Which of the following controls ensures an application's output is validated to be within certain constraints?

A: Context-dependent
B: Pre-validation
C: Content-dependent
D: Post-validation



Question ID: CISSP-2018-RA-07-3-235

Question: Which attack type floods target computers with oversized packets?

A: Ping of death
B: Land attack
C: DoS attack
D: Network address hijacking



Question ID: CISSP-2018-RA-07-4-171

Question: Which of the following steps in the life cycle of evidence takes place in court?

A: Collect
B: Store
C: Return
D: Analyze
E: Present



Question ID: CISSP-2018-RA-07-4-172

Question: Directing the output of the forensic imaging software to which interface is recommended when performing forensic imaging?

A: SCSI
B: Ethernet
C: Bluetooth
D: 802.11



Question ID: CISSP-2018-RA-07-4-173

Question: Which of the following steps in the life cycle of evidence comes first?

A: Collect
B: Store
C: Return
D: Analyze
E: Present



Question ID: CISSP-2018-RA-07-4-174

Question: A disk image backup used for forensic investigations should be of what type?

A: Byte level
B: Bit level
C: Nibble level
D: File level



Question ID: CISSP-2018-RA-07-4-175

Question: Which of the following steps in the life cycle of evidence comes last?

A: Collect
B: Store
C: Return
D: Analyze
E: Present



Question ID: CISSP-2018-RA-07-4-176

Question: Which of the following concepts concerns collection, analysis, and preservation of evidence?

A: Chain of custody
B: Due diligence
C: Due care
D: Liability



Question ID: CISSP-2018-RA-07-4-177

Question: In which of the following steps in the life cycle of evidence is the highest level of expertise required?

A: Collect
B: Store
C: Return
D: Analyze
E: Present



Question ID: CISSP-2018-RA-07-4-178

Question: Which of the following concepts describes an organization's responsibility when a security breach occurs?

A: Chain of custody
B: Due diligence
C: Due care
D: Liability



Question ID: CISSP-2018-RA-07-4-179

Question: In which of the following steps in the life cycle of evidence is the primary consideration that the evidence not be tampered with?

A: Collect
B: Store
C: Return
D: Analyze
E: Present



Question ID: CISSP-2018-RA-07-4-180

Question: In which phase of embedded device analysis will the investigator extract the artifacts from the original media and then organize them on CD-ROM or DVD-ROM?

A: Preservation
B: Collection
C: Analysis
D: Presentation



Question ID: CISSP-2018-RA-07-4-181

Question: In which type of linguistic steganography is the hidden text reconstructed by taking the first, second, or whichever letter of each word?

A: Null ciphers
B: Cues
C: Jargon codes
D: Newspaper code



Question ID: CISSP-2018-RA-07-4-182

Question: Which type of steganography are microdots?

A: Linguistic steganography
B: Technical steganography
C: Open code steganography
D: Semagrams



Question ID: CISSP-2018-RA-07-4-183

Question: Which term is used for the file or object after the message has been hidden within it?

A: Payload
B: Cover medium
C: Stego medium
D: Carrier



Question ID: CISSP-2018-RA-07-4-184

Question: What is the art of steganography detection and extraction?

A: Digital steganography
B: Digital watermark
C: Semagram
D: Steganalysis



Question ID: CISSP-2018-RA-07-4-185

Question: What is a translucent mark incorporated into paper to identify the manufacturer and as a mark of authenticity and to discourage counterfeiters?

A: Digital watermark
B: Digital steganography
C: Semagram
D: Steganalysis



Question ID: CISSP-2018-RA-07-4-186

Question: A user contacts you regarding issues with transmitting a copy of his transcript to a potential contractor. When the user makes a copy of the transcript, a “Transcript cannot be copied” message is printed in a large font across the transcript. What is this an example of?

A: Digital watermark
B: Semagram
C: Microdots
D: Copyright



Question ID: CISSP-2018-RA-07-4-187

Question: Which concept is applied to reduce the amount of data to be evaluated in audit logs?

A: Due diligence
B: Clipping levels
C: Mandatory vacations
D: Separation of duties



Question ID: CISSP-2018-RA-07-4-188

Question: Which of the following is the most common type of intrusion detection system?

A: NIDS
B: HIDS
C: IPS
D: Honeypot
E: Padded cell



Question ID: CISSP-2018-RA-07-4-189

Question: Which type of IDS is an expert system that uses a knowledge base, inference engine, and rule-based programming?

A: Signature-based
B: Anomaly-based
C: Heuristic-based
D: Application-based



Question ID: CISSP-2018-RA-07-4-190

Question: Which type of anomaly-based IDS uses an “expert” system?

A: Traffic-based
B: Protocol-based
C: Statistical
D: Heuristic-based



Question ID: CISSP-2018-RA-07-4-191

Question: Which type of IDS analyzes traffic and compares it to attack or state patterns that reside within the IDS database?

A: Signature-based
B: Anomaly-based
C: Heuristic-based
D: Application-based



Question ID: CISSP-2018-RA-07-4-192

Question: Which type of anomaly-based IDS samples the live environment to record activities?

A: Traffic-based
B: Protocol-based
C: Statistical
D: Heuristic-based



Question ID: CISSP-2018-RA-07-4-193

Question: Which type of IDS analyzes traffic and compares it to normal traffic?

A: Signature-based
B: Anomaly-based
C: Heuristic-based
D: Application-based



Question ID: CISSP-2018-RA-07-4-194

Question: Which type of anomaly-based IDS has knowledge of the protocols that it will monitor?

A: Traffic-based
B: Protocol-based
C: Statistical
D: Heuristic-based



Question ID: CISSP-2018-RA-07-4-195

Question: Which of the following is NOT a guideline for managing network devices?

A: Leave all default administrator passwords on the devices.
B: Limit the number of users that have remote access to these devices.
C: Rather than Telnet, use an encrypted command-line tool such as Secure Shell.
D: Manage critical systems locally.
E: Limit physical access to these devices.



Question ID: CISSP-2018-RA-07-4-196

Question: Which of the following is NOT a guideline for managing network devices?

A: Change all default administrator passwords on the devices.
B: Maximize the number of users that have remote access to these devices.
C: Rather than Telnet, use an encrypted command-line tool such as Secure Shell.
D: Manage critical systems locally.
E: Limit physical access to these devices.



Question ID: CISSP-2018-RA-07-4-197

Question: Which of the following is NOT a guideline for managing network devices?

A: Change all default administrator passwords on the devices.
B: Limit the number of users that have remote access to these devices.
C: Rather than SSL, use Telnet.
D: Manage critical systems locally.
E: Limit physical access to these devices.



Question ID: CISSP-2018-RA-07-4-198

Question: Which of the following is NOT a guideline for managing network devices?

A: Change all default administrator passwords on the devices.
B: Limit the number of users that have remote access to these devices.
C: Rather than Telnet, use SSL.
D: Manage critical systems remotely.
E: Limit physical access to these devices.



Question ID: CISSP-2018-RA-07-4-199

Question: Your organization has decided to formalize its business continuity plan. As a first step in this process, you have been asked to document the business continuity scope and plan. During this process, you obtain a document from your organization’s Internet service provider. This document details the services that will be provided for a specified period, along with guaranteed performance metrics. Which document are you reviewing?

A: SLA
B: BCP
C: DRP
D: BIA



Question ID: CISSP-2018-RA-07-4-200

Question: At which stage of incident response is the source of the incident determined?

A: Analysis
B: Investigation
C: Tracking
D: Post-mortem
E: Triage
F: Recovery
G: Containment



Question ID: CISSP-2018-RA-07-4-201

Question: After ensuring that personnel are protected, what should be the next step after an emergency occurs?

A: Protect the evidence.
B: Investigate the incident.
C: Secure the affected location.
D: Mitigate damage.



Question ID: CISSP-2018-RA-07-4-202

Question: Which of the following is a special host to which an attacker is transferred during an attack?

A: NIDS
B: HIDS
C: IPS
D: Honeypot
E: Padded cell



Question ID: CISSP-2018-RA-07-4-203

Question: Which of the following are released by vendors to fix functional issues with security loopholes?

A: Software library
B: Software patches
C: Configuration Identification
D: Configuration item



Question ID: CISSP-2018-RA-07-4-204

Question: After a change has been tested and presented, what is the next step in the change control process?

A: The change is approved.
B: The change is implemented.
C: The change is reported to management or the change control board (CCB).
D: The change is tested and presented.



Question ID: CISSP-2018-RA-07-4-205

Question: After a change has been approved, what is the next step in the change control process?

A: The change is approved.
B: The change is documented in the change log.
C: The change is reported to management or the change control board (CCB).
D: The change is tested and presented.



Question ID: CISSP-2018-RA-07-4-206

Question: After a change has been requested, what is the next step in the change control process?

A: The change is approved.
B: The change is documented in the change log.
C: The change is reported to management or the change control board (CCB).
D: The change is tested and presented.



Question ID: CISSP-2018-RA-07-4-207

Question: Which backup takes the longest time and the most space to complete?

A: Transaction log backup
B: Incremental backup
C: Differential backup
D: Full backup



Question ID: CISSP-2018-RA-07-4-208

Question: Which backup takes the least amount of time and space to complete?

A: Copy backup
B: Incremental backup
C: Differential backup
D: Full backup



Question ID: CISSP-2018-RA-07-4-209

Question: An organization performs a full backup every Sunday at 4 a.m. A differential backup is performed all other days at 4 a.m. If the server needs to be restored on a Thursday at 8 a.m., which backups will need to be restored?

A: Sunday’s full backup
B: Sunday’s full backup and Monday through Thursday’s differential backups
C: Sunday’s full backup and Monday through Wednesday’s differential backups
D: Sunday’s full backup and Thursday’s differential backup



Question ID: CISSP-2018-RA-07-4-210

Question: Which electronic backup method uses constant data updates to ensure that the data maintained at the locations are close to the same?

A: Tape vaulting
B: Electronic vaulting
C: Synchronous replication
D: Asynchronous replication



Question ID: CISSP-2018-RA-07-4-211

Question: An organization performs a full backup every Sunday at 4 a.m. An incremental backup is performed all other days at 4 a.m. If the server needs to be restored on a Thursday at 8 a.m., which backups will need to be restored?

A: Sunday’s full backup
B: Sunday’s full backup and Monday through Thursday’s incremental backups
C: Sunday’s full backup and Monday through Wednesday’s incremental backups
D: Sunday’s full backup and Thursday’s incremental backup



Question ID: CISSP-2018-RA-07-4-212

Question: Which electronic backup method creates backups over a direct communication line on a backup system at an offsite facility?

A: Tape vaulting
B: Electronic vaulting
C: Synchronous replication
D: Asynchronous replication



Question ID: CISSP-2018-RA-07-4-213

Question: Which electronic backup method delays updates to a predefined schedule?

A: Tape vaulting
B: Electronic vaulting
C: Synchronous replication
D: Asynchronous replication



Question ID: CISSP-2018-RA-07-4-214

Question: Which electronic backup method copies files as modifications occur in real time?

A: Tape vaulting
B: Electronic vaulting
C: Synchronous replication
D: Asynchronous replication



Question ID: CISSP-2018-RA-07-4-215

Question: Which term refers to the capacity of a system to switch over to a backup system if a failure in the primary system occurs?

A: Load balancing
B: Clustering
C: Failsoft
D: Failover



Question ID: CISSP-2018-RA-07-4-216

Question: Which term refers to the capability of a system to terminate noncritical processes when a failure occurs?

A: Load balancing
B: Clustering
C: Failsoft
D: Failover



Question ID: CISSP-2018-RA-07-4-217

Question: In which backup rotation scheme are three sets of backups defined?

A: FIFO
B: GFS
C: full/differential
D: full/incremental



Question ID: CISSP-2018-RA-07-4-218

Question: In which backup rotation scheme is the newest backup saved to the oldest media?

A: FIFO
B: GFS
C: full/differential
D: full/incremental



Question ID: CISSP-2018-RA-07-4-219

Question: What are the main factors that affect the selection of an alternative location?

A: Geographic location
B: Organizational needs
C: Location’s cost
D: Location’s restoration effort
E: Statements a, b, and c only
F: Statements a, b, and d only
G: All the statements



Question ID: CISSP-2018-RA-07-4-220

Question: Which alternative site is the hardest to test?

A: Hot site
B: Warm site
C: Cold site
D: Redundant site



Question ID: CISSP-2018-RA-07-4-221

Question: Which of the following arrangements for fault tolerance provides the least amount of protection contractually?

A: Warm site
B: Hot site
C: Reciprocal agreement
D: Cold site



Question ID: CISSP-2018-RA-07-4-222

Question: Your organization has decided to create a formal disaster recovery plan. Which statement best explains this process?

A: This plan is primarily a management issue and should include only those functions specified by management.
B: The plan is required only if the organization deals with the public.
C: The plan is an issue for the entire organization and should include all functions of the organization.
D: The plan is an issue for only those functions that are affected by the identified risks.



Question ID: CISSP-2018-RA-07-4-223

Question: As part of your organization’s business continuity and recovery planning, you have been asked to ensure that the appropriate departments develop recovery plans. Which organizational areas should you ensure comply with this request?

A: Vital operational and financial departments only
B: Critical departments only
C: Financial departments only
D: All departments



Question ID: CISSP-2018-RA-07-4-224

Question: When is an emergency or disaster over for an organization?

A: When operations are normal at the alternative site
B: When operations are normal at the primary site
C: When personnel are safe
D: When emergency personnel declare the area safe



Question ID: CISSP-2018-RA-07-4-225

Question: Which team is responsible for determining the cause of a disaster and the amount of destruction that has occurred?

A: Damage assessment team
B: Recovery team
C: Relocation team
D: Legal team
E: Salvage team



Question ID: CISSP-2018-RA-07-4-226

Question: Which team is responsible for ensuring the operations can be carried out at an alternative site?

A: Damage assessment team
B: Recovery team
C: Relocation team
D: Legal team
E: Salvage team



Question ID: CISSP-2018-RA-07-4-227

Question: As the business continuity plan coordinator, you must ensure that the business continuity plan is maintained. Part of your duties state that you must update the BCP when needed. Which of the following events should prompt you to review the BCP?

A: The Human Resources department is moved to its own CAT6 network segment.
B: The research department purchases a new application and server.
C: The customer service department terminates three employees.
D: The financial department announces that budgets will be slashed by 10%.
E: Statements a, b, and c only
F: Statements b, c, and d only
G: All the statements



Question ID: CISSP-2018-RA-07-4-228

Question: As the business continuity plan coordinator, you must ensure that the business continuity plan is maintained. Part of your duties state that you must update the BCP when needed. Which of the following events should prompt you to review the BCP?

A: The organization purchases a small branch office in another city.
B: The government announces that a nuclear power plant will be built near your current location.
C: Your city announces that the fire department closest to your location will be closed within six months.
D: The CEO of your organization resigns.
E: Statements a, b, and c only
F: Statements b, c, and d only
G: All the statements



Question ID: CISSP-2018-RA-07-4-229

Question: Which perimeter detection system emits a magnetic field and monitors that field?

A: Photometric system
B: Acoustical system
C: Wave motion detector
D: Electromechanical system
E: Capacitance detector



Question ID: CISSP-2018-RA-07-4-230

Question: Which class of a gate is suitable for commercial applications?

A: Class 1
B: Class 2
C: Class 3
D: Class 4



Question ID: CISSP-2018-RA-07-4-232

Question: The application developers for your organization have come to you for advice regarding a new application they are designing. In the application, there are certain files that will need to be transmitted between the server and clients. The application must ensure that these files are transferred between the server and clients in the most secure way. Of the given options, which would satisfy the requirements of the application developers?

A: Digitally sign the file.
B: Hash the file before transmission.
C: Transmit the file using FTP.
D: Encrypt the file before transmission.



Question ID: CISSP-2018-RA-07-4-233

Question: Which of the following is the hardware, firmware, and software elements of a trusted computing base that implements the reference monitor concept?

A: Reference monitor
B: Security perimeter
C: Security kernel
D: TCB



Question ID: CISSP-2018-RA-07-4-234

Question: Which of the following is the dividing line between the trusted parts of the system and those that are untrusted?

A: Reference monitor
B: Security perimeter
C: Security kernel
D: TCB



Question ID: CISSP-2018-RA-07-4-235

Question: Which of the following, if compromised, jeopardizes the security properties of the entire system?

A: Reference monitor
B: Security perimeter
C: Security kernel
D: TCB



Question ID: CISSP-2018-RA-08-1-011

Question: Which of the following is the logical relationship between elements of data?

A: Polymorphism
B: Cohesion
C: Coupling
D: Data structure



Question ID: CISSP-2018-RA-08-1-014

Question: Which of the following organizations or initiatives provides guidance to organizations in integrating security into the development and maintenance of software applications?

A: WASC
B: OWASP
C: BSI
D: ISO/IEC 27000



Question ID: CISSP-2018-RA-08-1-015

Question: Which of the following is a piece of software installed by a hacker that allows them to return later without authentication?

A: Rootkit
B: Buffer Overflow
C: Privilege Escalation
D: Backdoor



Question ID: CISSP-2018-RA-08-1-016

Question: Which of the following organizations or initiatives promotes a process-agnostic approach that makes security recommendations with regard to architectures, testing methods, code reviews, and management processes?

A: WASC
B: OWASP
C: BSI
D: ISO/IEC 27000



Question ID: CISSP-2018-RA-08-1-020

Question: Which of the following is the process of exploiting a bug or weakness in an operating system to allow a user to perform functions for which they are not authorized?

A: Rootkit
B: Buffer Overflow
C: Privilege Escalation
D: Backdoor



Question ID: CISSP-2018-RA-08-1-236

Question: In which phase of the system development life cycle is the solution introduced to the production environment?

A: Project initiation
B: Acquire/develop
C: Implementation
D: System design specification



Question ID: CISSP-2018-RA-08-1-237

Question: Which phase of the system development life cycle involves consideration of security requirements?

A: Project initiation
B: Acquire/develop
C: Implementation
D: System design specification



Question ID: CISSP-2018-RA-08-1-238

Question: Which of the following describes a software module that performs its job without using other modules?

A: High cohesion
B: Low cohesion
C: Low coupling
D: High coupling



Question ID: CISSP-2018-RA-08-1-239

Question: In which stage of the change control process is the suggested change defined?

A: Record the change request.
B: Analyze the request.
C: Make changes.
D: Submit results to management.
E: Make a formal request.



Question ID: CISSP-2018-RA-08-1-240

Question: In which stage of the change control process is the change implemented?

A: Record the change request.
B: Analyze the request.
C: Make changes.
D: Submit results to management.
E: Make a formal request.



Question ID: CISSP-2018-RA-08-1-241

Question: In which stage of the change control process is approval granted?

A: Record the change request.
B: Analyze the request.
C: Make changes.
D: Submit results to management.
E: Make a formal request.



Question ID: CISSP-2018-RA-08-1-242

Question: In which stage of the change control process are the results of analyzing the request documented?

A: Record the change request.
B: Make a formal request.
C: Make changes.
D: Submit results to management.



Question ID: CISSP-2018-RA-08-1-243

Question: In which stage of the change control process are the security implications reviewed?

A: Record the change request.
B: Analyze the request.
C: Make changes.
D: Submit results to management.
E: Make a formal request.



Question ID: CISSP-2018-RA-08-1-244

Question: Which of the following techniques ensures that each transaction has certain properties before it is committed?

A: ACID Test
B: PERT
C: Delphi technique
D: Gantt chart



Question ID: CISSP-2018-RA-08-1-245

Question: Which of the following is a process used to prevent data inference violations?

A: Database locks
B: Polyinstantiation
C: Aggregation
D: Spiral



Question ID: CISSP-2018-RA-08-1-246

Question: In which of the following techniques are group members asked to provide their opinion on a piece of paper in confidence?

A: ACID Test
B: PERT
C: Delphi technique
D: Gantt chart



Question ID: CISSP-2018-RA-08-1-247

Question: Which of the following is a process used to prevent one user from accessing a record at the same time as another user?

A: Database locks
B: Polyinstantiation
C: Aggregation
D: Spiral



Question ID: CISSP-2018-RA-08-1-248

Question: Which of the following techniques uses bar charts?

A: ACID Test
B: PERT
C: Delphi technique
D: Gantt chart



Question ID: CISSP-2018-RA-08-1-249

Question: Which software testing method is performed to debug the code instructions?

A: Unit testing
B: Black-box
C: White-box
D: Sampling



Question ID: CISSP-2018-RA-08-1-250

Question: Your organization is considering deploying an application that uses Diffie-Hellman for key distribution. Which type of attack could this application be susceptible to?

A: DoS attack
B: DDoS attack
C: Network sniffing
D: Man-in-the-middle attack



Question ID: CISSP-2018-RA-08-2-011

Question: Which of the following is the capability of different objects with a common name to react to the same message or input with different output?

A: Polymorphism
B: Cohesion
C: Coupling
D: Data structure



Question ID: CISSP-2018-RA-08-2-014

Question: Which of the following organizations or initiatives provides best practices for web-based applications along with a variety of resources, tools, and information that organizations can make use of in developing web applications?

A: WASC
B: OWASP
C: BSI
D: ISO/IEC 27000



Question ID: CISSP-2018-RA-08-2-015

Question: Which of the following is a set of tools that a hacker can use on a computer after he has managed to gain access?

A: Rootkit
B: Buffer Overflow
C: Privilege Escalation
D: Backdoor



Question ID: CISSP-2018-RA-08-2-016

Question: Which of the following organizations or initiatives monitors attacks, specifically web attacks?

A: WASC
B: OWASP
C: BSI
D: ISO/IEC 27000



Question ID: CISSP-2018-RA-08-2-019

Question: Which of the following describes how many different tasks a module can carry out?

A: Polymorphism
B: Cohesion
C: Coupling
D: Data structure



Question ID: CISSP-2018-RA-08-2-020

Question: Which of the following occurs when too much data is accepted as input to a specific process?

A: Rootkit
B: Buffer Overflow
C: Privilege Escalation
D: Backdoor



Question ID: CISSP-2018-RA-08-2-236

Question: Which phase of the system development life cycle includes coding and scripting?

A: Project initiation
B: Acquire/develop
C: Implementation
D: System design specification



Question ID: CISSP-2018-RA-08-2-237

Question: Which phase of the system development life cycle focuses on providing details on which kind of security mechanism is included?

A: Project initiation
B: Acquire/develop
C: Implementation
D: System design specification



Question ID: CISSP-2018-RA-08-2-238

Question: Which of the following is a database security concern that arises when a user does not have complete access to sensitive data but can access portions of it?

A: Database locks
B: Polyinstantiation
C: Aggregation
D: Spiral



Question ID: CISSP-2018-RA-08-2-239

Question: Which of the following translates one line of code at a time?

A: Interpreter
B: Parallel test
C: Assembler
D: Compiler



Question ID: CISSP-2018-RA-08-2-240

Question: Which of the following is a model based on analyzing the risk, building prototypes, and simulating the application tasks?

A: Database locks
B: Polyinstantiation
C: Aggregation
D: Spiral



Question ID: CISSP-2018-RA-08-2-241

Question: Which of the following translates a program written in assembly language into machine code?

A: Interpreter
B: Parallel test
C: Assembler
D: Compiler



Question ID: CISSP-2018-RA-08-2-242

Question: Which of the following provides an insight into obscure data relationships?

A: Metadata
B: Object reuse
C: DDE
D: Data normalization



Question ID: CISSP-2018-RA-08-2-243

Question: Which of the following is the process of feeding test data into two systems?

A: Interpreter
B: Parallel test
C: Assembler
D: Compiler



Question ID: CISSP-2018-RA-08-2-244

Question: Which of the following is the reallocation of system resources after ensuring that there is no residual data left on the medium?

A: Metadata
B: Object reuse
C: DDE
D: Data normalization



Question ID: CISSP-2018-RA-08-2-245

Question: Which of the following translates a section of code at a time?

A: Interpreter
B: Parallel test
C: Assembler
D: Compiler



Question ID: CISSP-2018-RA-08-2-246

Question: Which of the following enables direct communication between two applications?

A: Metadata
B: Object reuse
C: DDE
D: Data normalization



Question ID: CISSP-2018-RA-08-2-247

Question: Which of the following techniques is a method used for analyzing the tasks involved in completing a given project and the time required to complete each task without using a bar chart?

A: ACID Test
B: PERT
C: Delphi technique
D: Gantt chart



Question ID: CISSP-2018-RA-08-2-248

Question: Which type of software testing is performed after a change takes place?

A: Unit testing
B: Regression testing
C: Integration testing
D: Acceptance testing



Question ID: CISSP-2018-RA-08-2-249

Question: Which of the following controls is implemented prior to submission to the application?

A: Context-dependent
B: Pre-validation
C: Content-dependent
D: Post-validation



Question ID: CISSP-2018-RA-08-2-250

Question: Which of the following software attacks injects malicious code into a web application?

A: SQL injection
B: Cross site scripting
C: Buffer overflow
D: Path traversal



Question ID: CISSP-2018-RA-08-3-231

Question: Which of the following describes a software module that is easier to update?

A: High cohesion
B: Low cohesion
C: Low coupling
D: High coupling



Question ID: CISSP-2018-RA-08-3-236

Question: Which of the following controls considers multiple factors to help prevent inference?

A: Context-dependent
B: Pre-validation
C: Content-dependent
D: Post-validation



Question ID: CISSP-2018-RA-08-3-237

Question: Which attack type sends a spoofed TCP SYN packet?

A: Ping of death
B: Land attack
C: DoS attack
D: Network address hijacking



Question ID: CISSP-2018-RA-08-3-238

Question: Which of the following software attacks is used to access directories that are not supposed to be available from the web?

A: SQL injection
B: Cross site scripting
C: Buffer overflow
D: Path traversal



Question ID: CISSP-2018-RA-08-3-239

Question: Which type of software testing ensures customer requirements are met?

A: Unit testing
B: Regression testing
C: Integration testing
D: Acceptance testing



Question ID: CISSP-2018-RA-08-3-240

Question: In which of the following software attacks are actual database commands entered into the database input field?

A: SQL injection
B: Cross site scripting
C: Buffer overflow
D: Path traversal



Question ID: CISSP-2018-RA-08-3-241

Question: Which type of software testing confirms the validity of the design specifications?

A: Unit testing
B: Regression testing
C: Integration testing
D: Acceptance testing



Question ID: CISSP-2018-RA-08-3-242

Question: Which of the following software attacks results from an invalid amount of input?

A: SQL injection
B: Cross site scripting
C: Buffer overflow
D: Path traversal



Question ID: CISSP-2018-RA-08-3-243

Question: Which type of software testing is performed initially and tests boundary conditions?

A: Unit testing
B: Regression testing
C: Integration testing
D: Acceptance testing



Question ID: CISSP-2018-RA-08-3-244

Question: You need to implement cryptography in your Java applications. Which technology should you implement?

A: JDBC
B: JVM
C: JCA
D: JavaScript



Question ID: CISSP-2018-RA-08-3-245

Question: Which technology provides digital signatures for software components?

A: Java sandbox
B: Java applets
C: ActiveX
D: Authenticode



Question ID: CISSP-2018-RA-08-3-246

Question: Your organization is designing a new application that will process financial transactions that are considered highly confidential. You need to implement the encryption algorithm that provides the largest key size. Which algorithm should you choose?

A: RC6
B: AES
C: Blowfish
D: 3DES



Question ID: CISSP-2018-RA-08-3-247

Question: You work for an organization that creates software applications. One of your applications was originally written to provide security using the DES algorithm. The application developers want to replace the encryption algorithm with one that uses a 168-bit key. Which algorithm should the application use?

A: 3DES
B: AES
C: RC6
D: Twofish



Question ID: CISSP-2018-RA-08-3-248

Question: You have to decide between two applications that provide the same function. One application uses RSA, and the other implements DSA. What is a valid reason for choosing RSA over DSA?

A: RSA uses fewer resources.
B: RSA encrypts slower.
C: RSA provides encryption.
D: RSA is a block cipher.



Question ID: CISSP-2018-RA-08-3-249

Question: Your organization implements an application that uses a one-way hash on several files. What is the primary purpose of this?

A: It prevents anyone from reading plaintext files.
B: It prevents replay attacks.
C: It prevents man-in-the-middle attacks.
D: It verifies the accuracy of the files.



Question ID: CISSP-2018-RA-08-3-250

Question: What software testing type verifies that recent changes have not reduced the security or functionality of the software?

A: Unit testing
B: Verification testing
C: Validation testing
D: Regression testing



Question ID: CISSP-2018-RA-08-4-231

Question: Which of the following describes a software module that must interact with other modules to perform its job?

A: High cohesion
B: Low cohesion
C: Low coupling
D: High coupling



Question ID: CISSP-2018-RA-08-4-236

Question: Which of the following provides a foundation to build a trusted computing system?

A: Protection domain
B: Trusted path
C: Security kernel
D: Execution domain



Question ID: CISSP-2018-RA-08-4-237

Question: Which attack consists of interrupting a task and changing something to affect the result while the tasks occur in the correct order?

A: Race condition
B: Emanations capturing
C: TOC/TOU attack
D: Maintenance hooks
E: Buffer overflow



Question ID: CISSP-2018-RA-08-4-238

Question: Which of the following is the BEST countermeasure to mitigate the dangers of maintenance hooks?

A: Record any attempt to access the system using one of these hooks.
B: Remove all maintenance hooks before the product goes into production.
C: Encrypt all sensitive information contained in the system.
D: Implement auditing to supplement the IDS.



Question ID: CISSP-2018-RA-08-4-239

Question: Making critical sets of instructions atomic is a countermeasure for which attack type?

A: TOC/TOU
B: Inference
C: Buffer overflow
D: Maintenance hooks
E: Contamination



Question ID: CISSP-2018-RA-08-4-240

Question: Which of the following attacks is also called an asynchronous attack?

A: TOC/TOU
B: Inference
C: Buffer overflow
D: Maintenance hooks
E: Contamination



Question ID: CISSP-2018-RA-08-4-241

Question: Code reviews are a countermeasure for which attack type?

A: TOC/TOU
B: Inference
C: Buffer overflow
D: Maintenance hooks
E: Contamination



Question ID: CISSP-2018-RA-08-4-242

Question: In which of the following attacks does a higher-level subject write data to a storage area and a lower-level subject reads it?

A: TOC/TOU
B: Covert storage channel attack
C: Buffer overflow
D: Maintenance hooks
E: Contamination



Question ID: CISSP-2018-RA-08-4-243

Question: Polyinstantiation is a countermeasure for which attack type?

A: TOC/TOU
B: Inference
C: Buffer overflow
D: Maintenance hooks
E: Contamination



Question ID: CISSP-2018-RA-08-4-244

Question: Which attack interrupts and changes a process to affect the result while the tasks continue to occur in the correct order?

A: Race condition
B: Emanations capturing
C: TOC/TOU attack
D: Maintenance hooks
E: Buffer overflow



Question ID: CISSP-2018-RA-08-4-245

Question: Input validation is a countermeasure for which attack type?

A: TOC/TOU
B: Inference
C: Buffer overflow
D: Maintenance hooks
E: Contamination



Question ID: CISSP-2018-RA-08-4-246

Question: Which attack uses backdoors in applications that are designed by the application developers to perform maintenance tasks?

A: Race condition
B: Emanations capturing
C: TOC/TOU attack
D: Maintenance hooks
E: Buffer overflow



Question ID: CISSP-2018-RA-08-4-247

Question: Proper implementation of security levels is a countermeasure for which attack type?

A: TOC/TOU
B: Inference
C: Buffer overflow
D: Maintenance hooks
E: Contamination



Question ID: CISSP-2018-RA-08-4-248

Question: Which attack causes processes to execute in a different order to affect the result?

A: Race condition
B: Emanations capturing
C: TOC/TOU attack
D: Maintenance hooks
E: Buffer overflow



Question ID: CISSP-2018-RA-08-4-249

Question: Which type of computing uses instructions that are simpler and require fewer clock cycles to execute?

A: CISC
B: MISC
C: RISC
D: SISC



Question ID: CISSP-2018-RA-08-4-250

Question: How can a company be protected from a software vendor going out of business?

A: MD5 hashes
B: Key escrow
C: Certificates
D: Contractor licenses



Question ID: CISSP-2018-RA-08-8-019

Question: Which of the following describes how much interaction one module requires from other modules to do its job?

A: Polymorphism
B: Cohesion
C: Coupling
D: Data structure



Question ID: CISSP-2018-RA-08-8-019

Question: When information can be trusted as being complete, consistent, and accurate, which of the following has been provided?

A: Data integrity
B: System integrity
C: Data confidentiality
D: System availability

Question ID: CISSP-2018-RA-08-8-019

Question: When a device has system integrity, what does that mean?

A: Implies that a system will provide confidentiality
B: Implies that a system will work as intended
C: Implies that a system will provide high availability
D: Implies that a system will never go down

Question ID: CISSP-2018-RA-08-8-019

Question: Which of the following is the internal process of providing a manual or systematic measurable technical assessment of a system?

A: Recording
B: Accounting
C: Audit
D: Assessment

Question ID: CISSP-2018-RA-08-8-019

Question: Which of the following is the assurance that a sender cannot deny an action?

A: Confidentiality
B: Integrity
C: Availability
D: Non-repudiation

Question ID: CISSP-2018-RA-08-8-019

Question: Which of the following is required to support non-repudiation?

A: Initialization vector
B: Symmetric algorithm
C: ECC
D: Digital signature

Question ID: CISSP-2018-RA-08-8-019

Question: Which of the following is the process of taking away or removing characteristics from something to reduce it to a set of essential characteristics?

A: Abstraction
B: Data hiding
C: Encryption
D: Elongation

Question ID: CISSP-2018-RA-08-8-019

Question: Which of the following is the principle whereby data about a known entity is not accessible to certain processes or users?

A: Abstraction
B: Data hiding
C: Encryption
D: Elongation


Question ID: CISSP-2018-RA-08-8-019

Question: Which of the following techniques is used to hide data?

A: Abstraction
B: Data hiding
C: Encryption
D: Encapsulation

Question ID: CISSP-2018-RA-08-8-019

Question: Which of the following is NOT a responsibility of leadership with respect to security governance?

A: Determine and articulate the organization’s desired state of security
B: Maintain responsibility and accountability through oversight
C: Select and implement specific solutions
D: Provide the strategic direction, resources, funding, and support to ensure that the desired state of security can be achieved and sustained

Question ID: CISSP-2018-RA-08-8-019

Question: When an organization continually reassesses the environment, including new adversaries, and proactively adapts its information security program, it is practicing which principle?

A: Defense in depth
B: Threat modeling
C: Stress testing
D: Least privilege

Question ID: CISSP-2018-RA-08-8-019

Question: Which body recruits and recommends members of an organization’s governing board?

A: Governance committee
B: Change control board
C: Configuration management team
D: Board of directors

Question ID: CISSP-2018-RA-08-8-019

Question: Which of the following are considered best practices and are specific in nature?

A: Standards
B: Frameworks
C: Methodologies
D: Guidelines

Question ID: CISSP-2018-RA-08-8-019

Question: Which of the following is a set of documents that describe U.S. federal government computer security policies, procedures, and guidelines?

A: NIST 800 series
B: IEEE 802.20
C: ISO 27000 series
D: ANSI 400

Question ID: CISSP-2018-RA-08-8-019

Question: Which NIST document provides guidelines for mapping types of information and information systems to security categories?

A: 800-183
B: 800-60
C: 800-18 Rev 1
D: 800-36

Question ID: CISSP-2018-RA-08-8-019

Question: Which NIST document describes the Internet of Things?

A: 800-36
B: 800-60
C: 800-183
D: 800-163

Question ID: CISSP-2018-RA-08-8-019

Question: Which of the following worked to establish the Common Security Framework (CSF) that can be used by all organizations that create, access, store, or exchange sensitive and/or regulated data?

A: IEEE
B: NIST
C: HITRUST
D: CIS

Question ID: CISSP-2018-RA-08-8-019

Question: Which of the following was released by the CIS?

A: 800-60
B: CSF
C: 27000 series
D: Critical Security Controls version 7

Question ID: CISSP-2018-RA-08-8-019

Question: Which of the following is the act of investigation and assessment?

A: Due care
B: Prudent care
C: Reasonable care
D: Due diligence

Question ID: CISSP-2018-RA-08-8-019

Question: Which of the following is the standard of care that a prudent person would have exercised under the same or similar conditions?

A: Due care
B: Prudent care
C: Reasonable care
D: Due diligence

Question ID: CISSP-2018-RA-08-8-019

Question: Those charged with protecting our people are not always able to access evidence needed to prosecute crime and prevent terrorism, even with lawful authority. What is this called?

A: Going dark
B: Going down
C: Going up
D: Going bad

Question ID: CISSP-2018-RA-08-8-019

Question: Which of the following is the power or right of a legal or political agency to exercise its authority over a person, subject matter, or territory?

A: jurisdiction
B: standing
C: jurisprudence
D: authority

Question ID: CISSP-2018-RA-08-8-019

Question: Beginning on May 25, 2018, the members of the EU began applying which of the following?

A: Basel II
B: GDPR
C: Safe Harbor
D: Data havens

Question ID: CISSP-2018-RA-08-8-019

Question: According to the GDPR, organizations must report data breaches to the regulator within how many hours of discovery?

A: 24
B: 48
C: 72
D: 96

Question ID: CISSP-2018-RA-08-8-019

Question: Which of the following is a series of actions or steps taken in order to achieve a particular end?

A: procedure
B: process
C: workflow
D: runbook

Question ID: CISSP-2018-RA-08-8-019

Question: Which of the following is sometimes referred to as “Plan B”?

A: COOP plan
B: contingency
C: risk management
D: beta

Question ID: CISSP-2018-RA-08-8-019

Question: According to NIST 800-34 Rev. 1, which of the following focuses on sustaining an organization’s mission/business processes during and after a disruption?

A: BCP
B: COOP
C: CIP
D: DRP

Question ID: CISSP-2018-RA-08-8-019

Question: According to NIST 800-34 Rev. 1, which of the following is a set of policies and procedures that serve to protect and recover these assets and mitigate risks and vulnerabilities?

A: BCP
B: COOP
C: CIP
D: DRP

Question ID: CISSP-2018-RA-08-8-019

Question: According to NIST 800-34 Rev. 1, which of the following outlines first-response procedures for occupants of a facility in the event of a threat?

A: OEP
B: COOP
C: CIP
D: DRP


Question ID: CISSP-2018-RA-08-8-019

Question: According to NIST 800-34 Rev. 1, which of the following provides established procedures for the assessment and recovery of a system following a system disruption?

A: OEP
B: ISCP
C: CIP
D: DRP


Question ID: CISSP-2018-RA-08-8-019

Question: According to NIST 800-34 Rev. 1, which of the following focuses on restoring an organization’s mission-essential functions (MEFs) at an alternate site?

A: OEP
B: COOP
C: CIP
D: DRP



Question ID: CISSP-2018-RA-08-8-019

Question: Which of the following protects data from unauthorized disclosure?

A: AUP
B: NDA
C: SLA
D: MBA

Question ID: CISSP-2018-RA-08-8-019

Question: Which of the following details appropriate use of information systems, handling standards, monitoring, and privacy expectations?

A: AUP
B: NDA
C: SLA
D: MBA

Question ID: CISSP-2018-RA-08-8-019

Question: Which of the following is the process of integrating a new employee with a company?

A: onboarding
B: orientation
C: provisioning
D: assigning

Question ID: CISSP-2018-RA-08-8-019

Question: Which of the following is the initial task of completing paperwork (including confidentiality and AUP agreements), introductions, and initial training?

A: onboarding
B: orientation
C: provisioning
D: assigning

Question ID: CISSP-2018-RA-08-8-019

Question: Which of the following is the process of creating user accounts and credentials?

A: onboarding
B: orientation
C: provisioning
D: assigning

Question ID: CISSP-2018-RA-08-8-019

Question: Which of the following is NOT a basic element used to determine an asset’s value?

A: The initial and ongoing cost for purchasing, licensing, developing, and maintaining the physical or information asset
B: The asset’s value to the enterprise’s operations
C: The asset’s value established on the external marketplace and estimated value of the intellectual property
D: The asset’s resale value

    • The initial and ongoing cost for purchasing, licensing, developing, and maintaining the physical or information asset
    • The asset’s value to the enterprise’s operations
    • The asset’s value established on the external marketplace and estimated value of the intellectual property

Question ID: CISSP-2018-RA-08-8-019

Question: Which of the following is also called a countermeasure?

A: control
B: tactic
C: strategy
D: reaction

    • Reduces or eliminates a vulnerability
    • Reduces or eliminates the likelihood that a threat agent will be able to exploit a vulnerability
    • Reduces or eliminates the impact of an exploit

Question ID: CISSP-2018-RA-08-8-019

Question: Which of the following is the level of risk an organization is prepared to accept?

A: risk tolerance
B: risk appetite
C: risk aversion
D: risk profile

Question ID: CISSP-2018-RA-08-8-019

Question: Which of the following is any event that violates an organization’s security or privacy policies?

A: attack
B: breach
C: vulnerability
D: disclosure

Question ID: CISSP-2018-RA-08-8-019

Question: Which of the following is any event that has been successful in reaching its goal?

A: attack
B: breach
C: vulnerability
D: disclosure

Question ID: CISSP-2018-RA-08-8-019

Question: Which NIST document is used to determine the security category of an information system?

A: FIPS 199
B: FIPS 200
C: FIPS 800-53
D: FIPS 800-160

Question ID: CISSP-2018-RA-08-8-019

Question: Which NIST document is used to derive the information system impact level from a chosen security category?

A: FIPS 199
B: FIPS 200
C: FIPS 800-53
D: FIPS 800-160

Question ID: CISSP-2018-RA-08-8-019

Question: Which NIST document is used to apply the appropriately tailored set of baseline security controls to a selected system impact level and security category?

A: FIPS 199
B: FIPS 200
C: FIPS 800-53
D: FIPS 800-160


Question ID: CISSP-2018-RA-08-8-019

Question: Which NIST document defines the systems security engineering framework?

A: FIPS 199
B: FIPS 200
C: FIPS 800-53
D: FIPS 800-160


Question ID: CISSP-2018-RA-08-8-019

Question: Which of the following is NOT one of the three contexts within which security activities are conducted according to NIST SP 800-160?

A: solution
B: problem
C: trustworthiness
D: cost

Question ID: CISSP-2018-RA-08-8-019

Question: The purpose of which of the following is to provide guidance for an integrated, organization-wide program for managing information security risk to organizational operations?

A: SP 800-39
B: SP 800-160
C: SP 800-30
D: SP 800-37

Question ID: CISSP-2018-RA-08-8-019

Question: Which of the following is NOT one of the three tiers in an organization defined by SP 800-139?

A: Organization
B: Mission/Business Processes
C: Information systems
D: HR Systems

Tier 1 is the organization view, which addresses risk from an organizational perspective by establishing and implementing governance structures that are consistent with the strategic goals and objectives of organizations and the requirements defined by federal laws, directives, policies, regulations, standards, and missions/business functions. Tier 2 is the mission/business process view, which designs, develops, and implements mission/business processes that support the missions/business functions defined at Tier 1. Tier 3 is the information systems view, which includes operational systems, systems under development, systems undergoing modification, and systems in some phase of the system development life cycle.

Question ID: CISSP-2018-RA-08-8-019

Question: Which SP 800-139 framework core function implements the appropriate safeguards to ensure delivery of critical infrastructure services?

A: Identify (ID)
B: Protect (PR)
C: Detect (DE)
D: Respond (RS)

1. Identify (ID): Develop the organizational understanding to manage cybersecurity risk to systems, assets, data, and capabilities.

2. Protect (PR): Develop and implement the appropriate safeguards to ensure delivery of critical infrastructure services.

3. Detect (DE): Develop and implement the appropriate activities to identify the occurrence of a cybersecurity event.

4. Respond (RS): Develop and implement the appropriate activities to take action regarding a detected cybersecurity event.

5. Recover (RC): Develop and implement the appropriate activities to maintain plans for resilience and to restore any capabilities or services that were impaired due to a cybersecurity event.

Question ID: CISSP-2018-RA-08-8-019

Question: Which of the following SP 800-139 framework implementation tiers means that risk management practices are approved by management but may not be established as organization-wide policy?

A: Partial
B: Risk Informed
C: Repeatable
D: Adaptive

    • Tier 1: Partial means that risk management practices are not formalized, and risk is managed in an ad hoc and sometimes reactive manner.
    • Tier 2: Risk Informed means that risk management practices are approved by management but may not be established as organizational-wide policy.
    • Tier 3: Repeatable means that the organization’s risk management practices are formally approved and expressed as policy.
    • Tier 4: Adaptive means that the organization adapts its cybersecurity practices based on lessons learned and predictive indicators derived from previous and current cybersecurity activities through a process of continuous improvement.

Question ID: CISSP-2018-RA-08-8-019

Question: Which of the following covers the different kinds of security tests of physical, human (processes), and communication systems, although it does not cover any specific tools that can be used to perform these tests?

A: COSO’s Enterprise Risk Management (ERM) Integrated Framework
B: Open Source Security Testing Methodology Manual (OSSTMM)
C: ISO/IEC 27005:2011
D: SP 800-139

Question ID: CISSP-2018-RA-08-8-019

Question: Which framework is presented in the form of a three-dimensional matrix?

A: COSO’s Enterprise Risk Management (ERM) Integrated Framework
B: Open Source Security Testing Methodology Manual (OSSTMM)
C: ISO/IEC 27005:2011
D: SP 800-139

Question ID: CISSP-2018-RA-08-8-019

Question: Which of the following is a European risk management standard?

A: FERMA
B: Open Source Security Testing Methodology Manual (OSSTMM)
C: ISO/IEC 27005:2011
D: SP 800-139

Question ID: CISSP-2018-RA-08-8-019

Question: Which of the following is NOT part of the STRIDE model of threat classification?

A: Spoofing of user identity
B: Tampering
C: Rejection
D: Information Disclosure

    • Spoofing of user identity
    • Tampering
    • Repudiation
    • Information disclosure (privacy breach or data leak)
    • Denial of service (DoS)
    • Elevation of privilege

Question ID: CISSP-2018-RA-08-8-019

Question: Which of the following provides a seven-step process for analyzing applications to align business objectives and technical requirements?

A: STRIDE
B: PASTA
C: Trike
D: SP 800-160

Question ID: CISSP-2018-RA-08-8-019

Question: Which of the following is both a methodology and a tool with its basis in a requirements model designed to ensure that the level of risk assigned to each asset is classified as acceptable by stakeholders?

A: STRIDE
B: PASTA
C: Trike
D: SP 800-160



Question ID: CISSP-2018-RA-08-8-019

Question: Which of the following is a draft publication for data-centric system threat modeling?

A: STRIDE
B: PASTA
C: Trike
D: SP 800-154

1. Identify and characterize the system and data of interest.

2. Identify and select the attack vectors to be included in the model.

3. Characterize the security controls for mitigating the attack vectors.

4. Analyze the threat model.

Question ID: CISSP-2018-RA-08-8-019

Question: Data quality is most often ensured by ensuring which of the following?

A: confidentiality
B: integrity
C: non-repudiation
D: availability

Question ID: CISSP-2018-RA-08-8-019

Question: Which of the following gives guidelines on protecting the confidentiality of PII?

A: SP 800-122
B: PASTA
C: Trike
D: SP 800-154

Question ID: CISSP-2018-RA-08-8-019

Question: According to SP 800-122, PII should be assigned confidentiality impact levels based on which designations?

A: SP 800-154
B: FIPS 199
C: Trike
D: SP 800-155

    • LOW if the loss of confidentiality, integrity, or availability could be expected to have a limited adverse effect on organizational operations, organizational assets, or individuals.
    • MODERATE if the loss of confidentiality, integrity, or availability could be expected to have a serious adverse effect on organizational operations, organizational assets, or individuals.
    • HIGH if the loss of confidentiality, integrity, or availability could be expected to have a severe or catastrophic adverse effect on organizational operations, organizational assets, or individuals.

Question ID: CISSP-2018-RA-08-8-019

Question: Which of the following provides guidelines for implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule?

A: SP 800-154
B: FIPS 199
C: SP 800-66
D: SP 800-155

Question ID: CISSP-2018-RA-08-8-019

Question: Which of the following is defined as internally generated data or documents that contain technical or other types of information controlled by an organization to safeguard its competitive edge?

A: confidential
B: proprietary
C: top secret
D: PII

Question ID: CISSP-2018-RA-08-8-019

Question: U.S. federal agencies use which of the following designations when information is not classified but still needs to be protected and requires strict controls over its distribution?

A: top secret
B: sensitive but unclassified
C: secret
D: unclassified

Question ID: CISSP-2018-RA-08-8-019

Question: Which role must determine the parameters that govern the system, such as what types of data and applications can be stored on the system, who owns the data and applications, and who determines the users that can access the data and applications?

A: data custodian
B: data owner
C: system owner
D: system custodian

Question ID: CISSP-2018-RA-08-8-019

Question: Which role is responsible for administering the systems on which data resides based on the parameters set forth by the system owner?

A: data custodian
B: data owner
C: system owner
D: system custodian

Question ID: CISSP-2018-RA-08-8-019

Question: Which of the following is also referred to as sanitizing data?

A: clearing
B: purging
C: destruction
D: deleting

Question ID: CISSP-2018-RA-08-8-019

Question: Which of the following methods includes overwriting?

A: clearing
B: purging
C: destruction
D: deleting

Question ID: CISSP-2018-RA-08-8-019

Question: Which of the following methods includes degaussing?

A: clearing
B: purging
C: destruction
D: deleting

Question ID: CISSP-2018-RA-08-8-019

Question: Which of the following methods chemically alters the media?

A: encryption
B: degaussing
C: shredding
D: pulping

Question ID: CISSP-2018-RA-08-8-019

Question: Suppose an application needs to access information in a database. Which statement is true?

A: the application becomes the subject, and the database becomes the object.
B: the application becomes the object, and the database becomes the object.
C: the application becomes the subject, and the database becomes the subject.
D: the application becomes the subject, and the database becomes the object.

Question ID: CISSP-2018-RA-08-8-019

Question: Which of the following is a proprietary system that is designed to work with a limited range of other systems?

A: open system
B: closed system
C: hybrid system
D: internal system

Question ID: CISSP-2018-RA-08-8-019

Question: When a process is only allowed to read from and write to certain memory locations and resources, what is this called?

A: bounds
B: isolation
C: confinement
D: concealment

Question ID: CISSP-2018-RA-08-8-019

Question: Which of the following sets limits on the memory addresses and resources a process can access?

A: bounds
B: isolation
C: confinement
D: concealment

Question ID: CISSP-2018-RA-08-8-019

Question: Which model is represented as a directed graph, called a protection graph?

A: Brewer-Nash
B: Agile
C: Take-Grant
D: Biba

Question ID: CISSP-2018-RA-08-8-019

Question: Which model is the foundation of the noninterference model?

A: Goguen-Meseguer Model
B: Sutherland Model
C: Take-Grant
D: Biba


Question ID: CISSP-2018-RA-08-8-019

Question: Which model focuses on preventing interference in support of integrity?

A: Goguen-Meseguer Model
B: Sutherland Model
C: Take-Grant
D: Biba

Question ID: CISSP-2018-RA-08-8-019

Question: Which of the following allows multiple tasks to be performed within a single process?

A: multithreading
B: multitasking
C: multi-processing
D: symmetric processing

Question ID: CISSP-2018-RA-07-2-214

Question: Which of the following types of evidence should be collected first in an investigation of a computer crime?

A: Memory contents
B: Raw disk blocks
C: Swap files
D: File system information
E: Network processes
F: System processes

Document Information

Document Type:
DOCX
Chapter Number:
All in one
Created Date:
Aug 21, 2025
Chapter Name:
Test Questions Abernathy CISSP 3e
Author:
Robin Abernathy
